General

The “SSL Certificate” stands for “Security Socket Layers Certificate”. This protocol was created to protect data travelling between two machines through data encryption.

All the information from the Internet is basically transferred from one location to another in the form of HTTP language (Hyper Text Transfer Protocol). But HTTP by itself is unprotected and susceptible to Internet tricksters and thieves. That’s why SSL Certificates were developed to protect the information traveling on the Internet.

You may know about the SSL Certificates by some common things you see in your browser: the padlock, the “HTTPS” on the browser tab (when HTTP is being protected by SSL it inherits the letter “S”).

These are all indications that the website you are using has SSL encryption and its information is secure against cyber attacks.

An SSL Certificate takes the information that your users provide and encrypts it, so that only a web server can decrypt it and understand it. So as the information on the web is transmitted via HTTP language, your data is not protected, as HTTP itself is not secure. The SSL Certificate takes your information, encrypts it, and passes it securely to the server where the website is hosted, or directly to the payment processor. On the merchant’s server, or on the payment processor’s side, the SSL certificate receives the encrypted HTTP information, decodes it, and safely performs the action you requested (logging you in, processing a payment, etc).

In this way, the SSL Certificate turns your “HTTP” connection into an “HTTPS” (secured HTTP) connection and protects your data. With an SSL Certificate, your information is protected and safe.

You have to purchase an SSL certificate if your website contains logins or web forms that require personal or credit card information from your customers. The SSL certificate will secure the personal data shared on your website and will make your clients feel safer while performing transactions, knowing that any information shared is within a secure environment and authenticated by a trusted Certificate Authority.

If you have an informative website, we still recommend you to purchase an SSL certificate. By having an HTTPS link, your website will be more trustworthy.

A site seal is a security icon graphic showing the name of the issuing Authority of the SSL. The site seal on your website is a proof that your business has been verified by the Certificate Authority.

You will be issued a static or dynamic site seal, depending on the SSL certificate that you buy for your website. A dynamic site seal will usually display a live time and date stamp and/or your company name. Visitors can click on the site seal to display additional verification information.

By displaying the site seal in preeminent place on your website, you will make your clients feel safer while performing transactions, knowing that any information shared is within a secure environment and authenticated by a trusted Certificate Authority.

An SSL certificate warranty is insurance which covers any damage that you may incur as a result of a data breach or hack that was caused due to a flaw in the certificate. The SSL warranties range in value from $5,000 to $1,500,000. This means that the higher value certificates come with more extensive warranties.

The validity of an SSL certificate varies between 1 and 3 years, depending on the certificate you choose to buy. The Extended Validated SSL certificates are valid for 1 or 2 years. The Domain and Business Validated SSL certificates offered by Sectigo, GoGetSSL, can be issued for up to 3 years, RapidSSL, DigiCert, GeoTrust and Thawte – for 2 years.

You can save between 7% and 15% when purchasing an SSL certificate for 2 or 3 years ahead.

All our SSL certificates are issued by global leaders in Internet Security: DigiCert, GeoTrust, Thawte, Sectigo, RapidSSL.

SHA – standing for Secure Hash Algorithm – is a hash algorithm used by certification authorities to sign certificates and CRL (Certificates Revocation List).

SHA-1 is an older version of the algorithm that is no longer considered to be secure by major browsers and industry experts. SHA-1 is no longer allowed to be used during the generation process by the industry.

SHA-2 is the latest version that is widely accepted and considered to be secure by all major industry experts and browsers. The encryption hash used in SHA-2 is significantly stronger and not subject to the same vulnerabilities as SHA-1.

Encryption strength is the size of the keys used to perform the encryption of data during an SSL session. The longer keys provide stronger encryption and make it difficult for computers to break the code.

All our SSL certificates support up to 256-bit encryption, as it is strongly recommended by the industry experts.

Yes, you can secure an IP address with an SSL Certificate. However, only some specific SSL Certificates will allow you to do that. Here are those SSL Certificates:

– Sectigo InstantSSL Premium
– GoGetSSL Public IP SAN

Please note that the Sectigo InstantSSL Premium is a Business Validation SSL Certificate, which means that you need to have a registered company in order to be issued this SSL certificate.

GeGetSSL Public IP SAN is a Domain Validation SSL Certificate which secures 2 IP addresses by default.

1. Choose the SSL Certificate, then select the period (1, 2, or 3 years) and number of domains (only for Multi-Domain SSL Certificates), and click “Buy Now”;
2. You’ll be redirected to your Shopping Cart, where you need to confirm the period and, for Multi-Domain SSL Certificates, the number of additional domains. Review your Order Summary then click “Continue”;
   
3. On the Review & Checkout page, you’ll find the “New Customer” fillable form which you need to complete to create your SSL Dragon account. Afterward, insert your Promotional Code (if you have it), any Additional Information (if necessary), select the desired Payment Method,  confirm that you’ve read and accepted our Terms of Service, and click on “Checkout”;
4. You’ll be redirected to your Invoice which you need to pay using your selected Payment Method. Once the payment is done, you will see your order number and additional details on your Order Confirmation page. You will find your SSL Certificate in “My Account” at “SSL Certificates” -> “My SSL Certificates“.

SSL Dragon is a fully approved SSL Certificate Reseller that has a wide range of SSL products issued by trusted Certificate Authorities (CAs) such as Sectigo, RapidSSL, Geotrust, Thawte, and DigiCert.

Since SSL Resellers offer CAs greater access to a large number of clients, this highly successful distribution model allows the CAs to focus on product development and improvement, while the resellers perform most of the sales.

This partnership encourages resellers to buy SSL Certificates in bulk at highly favorable prices and hence charge considerably less for the same SSL Certificate offered by a CA.

Therefore, you don’t need to worry – there is nothing wrong with SSL resellers and the SSL Certificates they offer. Since all CAs are reputable brands, these companies won’t allow any third parties to represent them if they don’t meet the necessary requirements. Thus, you can feel confident that the CAs have verified and authorized SSL Dragon to market their products.

So, instead of shopping directly from Certificate Authorities, you have the chance to buy the same SSL Certificates based on a platinum reseller discount, along with other great value deals, 25-days money-back guarantee, and dedicated support.

To add your Company Name and TAX/VAT number, you have to login into your SSL Dragon Account and follow these steps:

1. Click on the “Hello, *Your Name*” button on the right top side of your account dashboard and select “Edit Account Settings”;
2. On the ‘My Details’ page, you will find the ‘Company Name’ and ‘Company TAX/VAT ID’ field;
3. Fill in these fields with the necessary information then click on ’Save Changes’. 

After you perform the above steps, your SSL Dragon account and all your invoices will be automatically updated with this information.

SaveSave

If you are still wondering what are the main benefits of each validation type (Domain Validation (DV), Business Validation (BV), and Extended Validation (EV)) and why you should choose one vs. another, then this is the right FAQ for you. Each of these SSL Certificate types was created having in mind a certain customer trust level:

• Basic – Domain Validation SSL Certificates – created for customers who aren’t interested in showing their company name and address in the SSL Certificate – either because they don’t need/want to or simply because they just don’t have a company. They only need to get the SSL Certificate very quickly in order to secure their domain name with HTTPS and have all web and mobile browsers display their website as “Secure”.
• Medium – Business Validation SSL Certificates – designed for clients who want to display their company’s name in their SSL Certificate’s details in order to ensure their customers that their business is real and trustworthy. BV SSL Certificates also allows you to display on your website a site seal provided by the third party Certificate Authority which proves that your SSL Certificate was issued to your company’s name and address.
• Top – Extended Validation SSL Certificates –  developed for clients for whom users’ trust is highly important. EV SSL Certificates also provide the site seal which proves that your SSL Certificate was issued to your website, company’s name and address but these certificates have the topmost trust level because they show your customers, prospectors, and visitors that your website is highly secure and that their information is always protected.

Now that you know the main differences between Domain Validation (DV), Business Validation (BV), and Extended Validation (EV) SSL Certificates, it should be much easier for you choose the one that fits you the best. 

What are Multi-Year SSL Subscription Plans?

Starting with August 19th, 2020, the maximum duration of publicly-trusted SSL/TLS certificates issued by all Certificate Authorities (CAs) has been set to a maximum of 13 months.

However, in order to make your SSL Management process time-saving and cost-effective, the CAs and SSL Dragon are offering you the 2 Year and 3 Year SSL Subscription Plans.

This means that you can still buy a 2 or 3 year SSL Certificate and continue to benefit from multi-year discounting, while still remaining compliant with the CAB Forum SSL requirements.

How the Multi-Year SSL works?

Due to security reasons, your SSL certificate is initially issued with a maximum 1-year validity.

Prior to the expiration of your certificate, SSL Dragon, on behalf of the CA, we will issue a free replacement certificate for an additional 1-year certificate, according to your Subscription Plan.

You will need to validate & install the replacement SSL:

a. If you have a Domain Validation SSL Certificate, a short verification of your domain name will be required via Email, HTTP, or DNS in order to issue the 1-yr replacement SSL.

b. If you have a Business or Extended SSL Certificate – an additional Business Validation/Extended Validation recheck and callback process will also be required.

You can still reissue your certificate at any time and as many times as you like during your Multi-Year SSL Subscription Plan.

On your SSL Certificate’s page within the SSL Dragon account, you will find all the details regarding your Subscription Plan:

• Valid From – Shows the date when your SSL was issued and became active
• Expires – Shows the date when your SSL expires and needs to be reissued (not Renewed).
• Subscription Starts – The date when the first SSL was issued and the subscription period activated
• Subscription Ends – The date when the subscription ends and SSL needs to be Renewed (not Reissued)
• Next Reissue – shows the number of days left of your SSL. The Certificate should be reissued 30-days prior to this date.

In some cases, the CAs may require manual verification if your order fails any internal rules of Brand Validation. It takes around 24-48 hours to pass this manual check, and the CA will either issue or reject an order in such cases.

Here are the most common reasons why certificate authorities decide to do the brand validation for some orders:

1. Orders from some countries are reviewed manually more often than others, for example:  South Korea, North Korea, Japan;
2. Restricted countries – Afghanistan (AF), Crimea (Russia), Cote d’Ivoire (CI), Cuba (CU), Eritrea (ER), Guinea (GN), Iraq (IQ), Iran (IR), Democratic People’s Republic of Korea (KP), Liberia (LR), Myanmar (MM), Rwanda (RW), Sudan (SD), Sierra Leone (SL), South Sudan (SS), Syrian Arab Republic (SY), Zimbabwe (ZW) – SSL are NOT issued for these countries;
3. The domain name includes a brand name, such as: facebook-app.com, sony-shop.net, dellshop.com, etc;
4. The domain name may have a hidden brand name. For example, your domain is “sibmama.com”, but the automated validation system may read it as “sIBMama” and flag the “IBM” brand. The certificate authority wants to check such orders manually;
5. The domain name has “stop words”, such as: pay, online, secure, booking, shop, bank, transfer, money, e-payment, payment, protection, violence, terrorists, and others. These words and many others are set as triggering words inside the validation system, and make the certificate authority review such orders manually;
6. Domain name is blacklisted OR has a bad reputation.
   

What you can do to speed up the process?

Please contact Sectigo and Thawte, RapidSSL, GeoTrust, DigiCert directly via live chat and discuss the situation with the CA’s representative.

Please mention your “Partner Order ID” in your message.  You can find your “Partner Order ID” on the details page of your SSL Certificate inside your SSL Dragon account. See the screenshot on the right.

A data server provides a wide range of database services such as data storage, data manipulation, data analysis, and archiving. If your website offers Database-as-a-Service (DBaaS) solutions, you will need an SSL certificate to encrypt the sensitive information of your clients. Moreover, since Chrome and Firefox flag websites without SSL encryption as not secure, a valid SSL certificate will ensure that your site is accessible 24/7 from any browser.